Improve error message when appId is set to an incorrect value #375
Description
follow up to octokit/request.js#505 (comment)
I wonder if we can throw a better error message to help users who ran into the same problem as you did.
The underlying library is @octokit/auth-app. My test code looks like this
const auth = createAppAuth({
appId,
privateKey
});
auth({
type: "installation",
installationId,
}).then(console.log, console.log);When privateKey is valid, but appId is not the current ID, then I retrieve the "A JSON web token could not be decoded" that @nasirmajid in the linked issue above, which is verbatim the message we get from GitHub's REST API.
@timrogers I tested the JWT that is sent to GitHub and it's not correct that the JWT cannot be decoded, the JWT is valid. However the iss value won't match the signature, as it's an incorrect app ID.
We could catch this case in the library and provide a more helpful error message, e.g. at least include the APP ID. But It would be even better if the error message from GitHub's REST API would be improved to include the iss aka app ID when it can be retrieved from the passed JWT